139 lines
3.7 KiB
Perl
139 lines
3.7 KiB
Perl
##@file
|
||
# DBI password backend file
|
||
|
||
##@class
|
||
# DBI password backend class
|
||
package Lemonldap::NG::Portal::PasswordDBDBI;
|
||
|
||
use strict;
|
||
use Lemonldap::NG::Portal::Simple;
|
||
use Lemonldap::NG::Portal::AuthDBI; #inherits
|
||
use base qw(Lemonldap::NG::Portal::_DBI );
|
||
#use Lemonldap::NG::Portal::_SMTP; #inherits
|
||
|
||
our $VERSION = '0.1';
|
||
|
||
## @apmethod int passwordDBInit()
|
||
# Load SMTP functions and call DBI authInit()
|
||
# @return Lemonldap::NG::Portal constant
|
||
sub passwordDBInit {
|
||
my $self = shift;
|
||
eval { use base qw(Lemonldap::NG::Portal::_SMTP) };
|
||
if ($@) {
|
||
$self->lmLog( "Unable to load SMTP functions ($@)", 'error' );
|
||
return PE_ERROR;
|
||
}
|
||
unless ( $self->{dbiPasswordMailCol} )
|
||
{
|
||
$self->lmLog( "Missing configuration parameters for DBI password reset",
|
||
'error' );
|
||
return PE_ERROR;
|
||
}
|
||
return $self->Lemonldap::NG::Portal::AuthDBI::authInit();
|
||
}
|
||
|
||
## @apmethod int modifyPassword()
|
||
# Modify the password
|
||
# @return Lemonldap::NG::Portal constant
|
||
sub modifyPassword {
|
||
my $self = shift;
|
||
|
||
# Exit if no password change requested
|
||
return PE_OK unless ( $self->{newpassword} );
|
||
|
||
# Verify confirmation password matching
|
||
return PE_PASSWORD_MISMATCH
|
||
unless ( $self->{newpassword} eq $self->{confirmpassword} );
|
||
|
||
# Connect
|
||
my $dbh =
|
||
$self->dbh( $self->{dbiAuthChain}, $self->{dbiAuthUser},
|
||
$self->{dbiAuthPassword} );
|
||
return PE_ERROR unless $dbh;
|
||
|
||
my $user = $self->{sessionInfo}->{_user};
|
||
|
||
# Check old passord
|
||
if ( $self->{oldpassword} ) {
|
||
|
||
# Password hash
|
||
my $password = $self->hash_password( $self->{oldpassword}, $self->{dbiAuthPasswordHash} );
|
||
|
||
my $result = $self->check_password( $user, $password );
|
||
|
||
unless ( $result ) {
|
||
return PE_BADOLDPASSWORD;
|
||
}
|
||
}
|
||
|
||
# Modify password
|
||
my $password = $self->hash_password( $self->{newpassword}, $self->{dbiAuthPasswordHash} );
|
||
|
||
my $result = $self->modify_password( $user, $password );
|
||
|
||
unless ( $result ) {
|
||
return PE_ERROR;
|
||
}
|
||
|
||
$self->lmLog( "Password changed for $user", 'debug' );
|
||
PE_PASSWORD_OK;
|
||
}
|
||
|
||
## @apmethod int resetPasswordByMail()
|
||
# Reset the password and send a mail.
|
||
# @return Lemonldap::NG::Portal constant
|
||
sub resetPasswordByMail {
|
||
my $self = shift;
|
||
|
||
# Exit method if no mail
|
||
return PE_OK unless ( $self->{mail} );
|
||
|
||
# Find mail in database
|
||
my $dbh =
|
||
$self->dbh( $self->{dbiAuthChain}, $self->{dbiAuthUser},
|
||
$self->{dbiAuthPassword} );
|
||
return PE_ERROR unless $dbh;
|
||
|
||
my $table = $self->{dbiAuthTable};
|
||
my $mail = $self->{mail};
|
||
my $mailCol = $self->{dbiPasswordMailCol};
|
||
$mail =~ s/'/''/g;
|
||
my $sth;
|
||
|
||
eval {
|
||
$sth = $dbh->prepare("SELECT * FROM $table WHERE $mailCol='$mail'");
|
||
$sth->execute();
|
||
};
|
||
if ($@) {
|
||
$self->lmLog( "DBI error: $@", 'error' );
|
||
return PE_ERROR;
|
||
}
|
||
|
||
unless ( $sth->fetchrow_hashref() ) {
|
||
$self->lmLog( "Mail $mail not found", 'notice' );
|
||
return PE_BADCREDENTIALS;
|
||
}
|
||
|
||
$self->lmLog( "Reset password request for " . $self->{mail}, 'debug' );
|
||
|
||
# Generate a complex password
|
||
my $password = $self->gen_password( $self->{randomPasswordRegexp} );
|
||
|
||
$self->lmLog( "Generated password: " . $password, 'debug' );
|
||
|
||
# Modify password
|
||
my $hpassword = $self->hash_password( $password, $self->{dbiAuthPasswordHash} );
|
||
my $result = $self->modify_password( $self->{mail}, $hpassword, $self->{dbiPasswordMailCol} );
|
||
|
||
return PE_ERROR unless $result;
|
||
|
||
# Send new password by mail
|
||
$result = $self->send_password( $password, $self->{mail} );
|
||
|
||
return PE_ERROR unless $result;
|
||
|
||
PE_PASSWORD_OK;
|
||
}
|
||
|
||
1;
|